F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware - The New York Times

This is still  happening everywhere. Meanwhile, In the U.S.,  the FBI recommends that users change default usernames and passwords, ensure patches are applied when issued and if necessary, to keep connected devices on a segmented network.

Yes, everything is connected. Great article from Andrew Orlowski in the Register about the December 6 #O2 outage, sparked by an expired software certificate... (shall we call this a "man in the muddle" attack? )

Orlowski writes:

"...While the "Spook Industrial Complex" frets about cybersecurity - rightly, of course, for that's what we pay it to do - it draws attention away from the everyday bugs and bungles that cause the outages that inconvenience millions of people. One is hypothetical, but one is real and an increasingly regular occurrence. And this applies across our national infrastructure. I wonder how much end of life kit is open to years-old vulnerabilities? Or how many routers have 123 as a password? More than you think..."

Democratic lawmakers want to shut down shopping bots beloved by scalpers...The proposed "Stopping Grinch Bots Act" would make it illegal to use bots to shop online and also outlaw reselling items purchased by bots.

Lawmakers label them "Grinch" bots because, during the holiday season, resellers use them to buy inventory of highly coveted toys that can be resold at highly inflated prices. These bots are so quick that they can purchase entire stocks of items before people can even add them to their carts.

Survey data from IDC found 46 percent of organizations claim to have experienced a breach or security incident associated with IoT.

Modern cryptography, such as ForceShield's dynamic transformation technology, can help make the IoT a safer, more reliable place.

“Organizations on the forefront of implementing IoT are understandably encountering challenges in identifying appropriate security technologies that are capable of mitigating the unique threats that IoT presents,” noted Brian Russell, chair of the CSA IoT Working Group.

According to 451 Research IoT practice director Christian Renaud, approaching IIoT from the operational side – via what he calls “the OT door” as opposed to the IT door – is a much more intelligent way to think about implementation.

Preventing a breach isn’t a high enough bar to set for a security model that defines maturity. Because the IIoT involves both operational technology and information technology, any maturity model has to include elements of both.

what can you do to protect your devices from getting VPNFilter, or any other malicious software? 1) Don't expose administrative interfaces or services to the Internet. Just don't. It's really hard for security professionals to do this, meaning it's basically impossible for regular users. So don't enable remote administration of your router, and don't share your NAS with the Internet. 2) Keep it up to date. Vendors fix vulnerabilities, but that doesn't help you if you don't patch them.

Security first

While the business outcomes and partnerships with key stakeholders and others are obviously essential, security is at least as important.

Look at security from an end-to-end perspective as there are so many components involved: from connectivity to devices and connected applications. Security by design and embedded security are a must. And as in all transformational projects, involve security early on.

The Wicked botnet scans ports 8080, 8443, 80 and 81and it will try to exploit the device once a connection is established. The exploits used depend on which port the botnet connects to for specific devices.

Targeted devices include flawed Netgear routers -- some of which were also used by the Reaper botnet -- and closed-circuit video cameras that have a remote code execution flaw. One exploit doesn't target a device, but instead targets compromised web servers with malicious invoker shells that are already installed.

FBI agents armed with a court order have seized control of a key server in the Kremlin’s global botnet of 500,000 hacked routers. One plug-in lets the hackers eavesdrop on the victim’s Internet traffic; another targets a protocol used in the electric grid. A third lets the attacker cripple any or all of the infected devices at will.

Krebs says: "In short, dumb IoT devices are those that don’t make it easy for owners to use them safely without being a nuisance or harm to themselves or others."